Diffstat (limited to 'share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc | 142 |
1 files changed, 0 insertions, 142 deletions
diff --git a/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc b/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc deleted file mode 100644 index ecd43eeb23..0000000000 --- a/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc +++ /dev/null 
@@ -1,142 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-SA-16:06.bsnmpd Security Advisory - The FreeBSD Project - -Topic: Insecure default snmpd.config permissions - -Category: contrib -Module: bsnmpd -Announced: 2016-01-14 -Credits: Pierre Kim -Affects: All supported versions of FreeBSD. -Corrected: 2016-01-14 09:11:42 UTC (stable/10, 10.2-STABLE) - 2016-01-14 09:10:46 UTC (releng/10.2, 10.2-RELEASE-p9) - 2016-01-14 09:11:16 UTC (releng/10.1, 10.1-RELEASE-p26) - 2016-01-14 09:11:48 UTC (stable/9, 9.3-STABLE) - 2016-01-14 09:11:26 UTC (releng/9.3, 9.3-RELEASE-p33) -CVE Name: CVE-2015-5677 - -For general information regarding FreeBSD Security Advisories, -including descriptions of the fields above, security branches, and the -following sections, please visit <URL:https://security.FreeBSD.org/>. - -I. Background - -The bsnmpd daemon serves the Internet SNMP (Simple Network Management -Protocol). It is intended to serve only the absolute basic MIBs and -implements all other MIBs through loadable modules. - -II. Problem Description - -The SNMP protocol supports an authentication model called USM, which relies -on a shared secret. The default permission of the snmpd.configiguration file, -/etc/snmpd.config, is weak and does not provide adequate protection against -local unprivileged users. - -III. Impact - -A local user may be able to read the shared secret, if configured and used -by the system administrator. - -IV. Workaround - -No workaround is available, but systems that do not use bsnmpd with its USM -authentication model are not vulnerable. - -V. Solution - -This vulnerability can be fixed by modifying the permission on -/etc/snmpd.config to owner root:wheel and permission 0600. - -The patch is provided mainly for third party vendors who deploy FreeBSD -and provide a safe default. The patch itself DOES NOT fix the permissions -for existing installations. 
- -The patch can be applied by performing one of the following: - -1) Upgrade your vulnerable system to a supported FreeBSD stable or -release / security branch (releng) dated after the correction date. - -The system administrator should change the permission on /etc/snmpd.config -to root:wheel and 0600. - -2) To update your vulnerable system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -The system administrator should change the permission on /etc/snmpd.config -to root:wheel and 0600. - -3) To update your vulnerable system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -# fetch https://security.FreeBSD.org/patches/SA-16:06/bsnmpd.patch -# fetch https://security.FreeBSD.org/patches/SA-16:06/bsnmpd.patch.asc -# gpg --verify bsnmpd.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile the operating system using buildworld and installworld as -described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. 
- -Branch/path Revision -- ------------------------------------------------------------------------- -stable/9/ r293898 -releng/9.3/ r293896 -stable/10/ r293897 -releng/10.1/ r293894 -releng/10.2/ r293893 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5677> - -The latest revision of this advisory is available at -<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:06.bsnmpd.asc> ------BEGIN PGP SIGNATURE----- - -iQIcBAEBCgAGBQJWl+LcAAoJEO1n7NZdz2rnZgcQANXfhZ5c/0sRlLmSGtvvCOvC -Zw7OEFrFuEgDL4RmjsJznQ6CJ7CO/4rF6+oaDRpCaJCfo2r92mpk3N+q907L9yZD -JR6dXajZugrq5cXnn3n5zMKiWQJnA5hQ9xz4dxRIsVwGcDKNmPDH37nmL7iv0E1n -AkTLoUTXqwYZvUm+K3uDXA/i/ML8lQ7ERRdY2+4cufo2pGD6TfzNuxYMOzQldS29 -4ikv30TTdSMhKxjYS+qMkeFKvwr2UGwERO/eGhoBwqwXV0MAsKDgX4ahfgu7VQln -Qs+2VaRk9PYPYS6DuOaUc+rCJ1SxmZ5/vK7ULt4zvxNT0r+sp0wvxYsDcQP2JDL5 -iY+O0gvDi4ob0Y+30YaLwoM7L7yW+Lzgv+QgT344T2iDOu3ZEZK/n4gEkD+HYNkJ -/mU/frCbBbcil8AhyiBO/shjATPfRWSGJUpkYpDDnzR1fhojRJlrkl8WOprjHtYw -OntSUQ1tXsYUJ0iNyhYDNlfI8abjOw/jAqeFBFjFa6FvA/pml+jyWGsscl7evrwQ -uIzJo7yHwcqxa7pqSAdiPRVE3hnzeR0yZtOHBpOvR/veHdoXfYhn1QZCIy6hbuSy -gN3vPm+vow5Ls46i0JVNzXRdGWiIVyfHt9axoQOef5zvbsLm9qgGECrTBHjbow2I -fQ7dKyaCpR1ORJ0NLH61 -=hOZk ------END PGP SIGNATURE----- |
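Review bot: No rationale for removing share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc is visible in this hunk, and nothing in the diff adds a replacement or a pointer to one, so the in-tree record of CVE-2015-5677 disappears with it. That matters more than for a typical advisory because section V states that the patch "DOES NOT fix the permissions for existing installations" and that the administrator must manually set /etc/snmpd.config to root:wheel and 0600; with the file gone, the only copy of that operator step is the external URL <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:06.bsnmpd.asc> the advisory itself cites. Please either confirm in the commit message that the advisory is intentionally served only from security.FreeBSD.org (and that the whole share/security/advisories directory is being retired, since the diffstat shows only this one file), or move the file rather than delete it. Also note that the file is a PGP-signed message ending in "-----END PGP SIGNATURE-----", so any future edit to the wording would have to be a re-signed whole; a deletion is the only change that can be made without invalidating the signature, which is worth stating if that is the motivation.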